nanog mailing list archives
Re: ebgp-multihop
From: alex () yuriev com
Date: Fri, 28 Feb 2003 08:46:45 -0500 (EST)
eBGP multihop carries with it the implicit possiblity of session highjacking - in a normal (Multihop=1) session, the router would not be able to find a duplicate neighbor with the specified IP address directly connected. Obviously, once you're saying that the neighbor could be anywhere in the world, what's to prevent me assigning my home Macintosh with a second IP address and injecting whatever I want into your network?
Just because you assign that second IP address to your Mac does not mean that anyone else in the world is going to see that announcement, which, in turn, would not let you to hi-jack the session. Alex
Current thread:
- ebgp-multihop Tim Rand (Feb 27)
- Re: ebgp-multihop Iljitsch van Beijnum (Feb 27)
- Re: ebgp-multihop David Barak (Feb 27)
- Re: ebgp-multihop Jared Mauch (Feb 27)
- Re: ebgp-multihop alex (Feb 28)
- Re: ebgp-multihop David Barak (Feb 27)
- Re: ebgp-multihop Steve Carter (Feb 27)
- Re: ebgp-multihop Jack Bates (Feb 27)
- <Possible follow-ups>
- Re: ebgp-multihop Stewart, William C (Bill), SALES (Feb 28)
- Re: ebgp-multihop Iljitsch van Beijnum (Feb 27)